Part 2 Flashcards
What is “direct evidence”?
Oral testimony that proves a specific fact.
What is “documentary evidence”?
Commercial documents, prints, manuals, etc.
What are 3 rules for evidence”
1) Better evidence: the court prefers original documents.
2) The exclusionary rule: The data collected in violation of the 4th amendment (unreasonable search and seizure) is not eligible.
3) Whether or not there is ‘hearsay”. Which is second-hand evidence and is an option not admissible. Not even computer-generated hearsay.
What is “image capturing?”
Imaging a system can be a very effective way of preserving evidence.
What is a “forensic copy”?
It is a bitwise copy that includes integrity checks in the form of a hash.
Hashing tools and algorithms create message digests that show that a copy is equivalent to the original and has not been altered.
What is “time offset”?
This is when there is a time difference between two different computers, they are not synchronized in “real time”.
What is “preservation of evidence”?
This is the process of making sure that evidence is purchased, identified, protected from tampering, transported, and stored properly. Digital copies can be edited and completed without a record of change.
Need to have safeguards against manipulation, whether intentional or not. Also collecting hashes helps as they validate copies of evidence.
What is the “recovery of evidence”?
This is determining relevant information and then retrieving it.
What is “strategic information gathering”?
This is the use of all resources to make decisions. This is limited to the management level.
What is “counterintelligence collection”?
This is the collection of information specifically directed to the strategic intelligence effort of another entity.
What are “Standard Operating Procedures (SOPs)”?
Both are needed for SOPs:
1) These are step-by-step directions on how to implement policies within an organization.
2) Standards are mandatory elements for the implementation of a policy.
What are “Trade Association Agreements (BPAs)”?
They are the legal agreements between partners. This is a legal agreement that outlines the terms, conditions, and expectations between partners.
What are “service level agreements (SLA)”?
These are negotiated agreements between two parties that outline service expectations. Technical metrics between the customer and service provider are usually described in this agreement.
What is an “interconnection security agreement (ISA)”?
It is a specialized agreement between organizations that have interconnected IT systems. ISAs document the security requirements that arise from such connections.
What are “Memorandums of Understanding (MOU)”?
These are legal documents that describe a bilateral agreement between the parties. The parties have some kind of shared goal.
What are “non-disclosure agreements (NDAs)”?
These are confidentiality agreements between a company and its staff, which describes the limits of secret corporate material and the disclosure of such information to unauthorized parties.
What are “Acceptable Use Policies (AUPs)”?
These are documents that describe what your organization considers appropriate use of its resources. This includes computer systems, email, the internet, and networks. The goal is to enable normal business productivity while limiting inappropriate use.
What are “workplace policies”?
These are policies that help the organization run better by providing rules that help people work together and allow adherence to standard operating procedures.
What is “onboarding”?
This is the process of hiring an employee and getting them going with workplace policies.
What is “offboarding”?
This is the process of removing an employee from the organization.
What are “data owners roles” responsible for?
These roles are responsible for data ownership and this is a business function where requirements for security, privacy, retention, and other business functions are set.
What are “system administrator data roles” responsible for?
These are administrative users responsible for keeping a system within defined requirements. They do not create the requirements, just enforcing them.
What are “users”?
These are ordinary users who have limited access and privileges, depending on their role and work activities.
What are “privileged users”?
These users have more access than ordinary users.